Victim of a hacking, the steps to follow
Whether you are individual or professional, nobody is safe from hacking. The techniques keep changing from year to year, here are the steps to follow in case of intrusion.
Nowadays, being victim of a hacking would almost become commonplace! Indeed, hackers have more than one trick in their bag, whether it is through fake websites, malwares or phishing campaigns. We must remain vigilant. But what needs to be done when there is a hacking?
1. Be responsive and identify the nature of the attack.
Whether you are an individual or a professional, know that a hacker’s main goal is to take control of your information system. Because of this, if you detect an unusual disconnection, an abnormal activity, a slowdown in your system or suspicious emails, you must react quickly.
Firstly, keep calm and identify the nature of the attack. It can be identified in different forms:
– Account theft on social networks,
– Hacking of your mailbox,
– Intrusion on your computer network,
– Using a ransomware (malware taking hostage personal data in exchange for ransom),
– Phishing (fraud technique used by hackers for the purpose of recovering personal information by usurping the identity of a trusted third party),
– Etc…
Have you identified the nature of the attack? Here are the things you can do right now
2. Disconnect from the network!
After having hacked your device, the hacker will try to:
– Keep the control of your device (persistence),
– Extract data,
– Encrypt data,
– Block the computer.
Because of this, immediately disconnect your device from the following networks:
– Wired,
– Bluetooth,
– Wifi,
– Cellular data,
– Disconnect the storage devices.
So the hacker has no longer control of your device, and can not further access your data. In other words, you totally block him!
Once disconnected, restart your computer. This action will help you avoid non-persistent malwares that run on your computer.
3. Victim of a ransomware, do not pay any ransom!
If you are victim of a ransomware (malware which locks access to your data by encrypting them), do not pay any money. Even if the intruder promises that you will recover your data, keep in mind that this is a scam.
Indeed, for ethical reasons, entering their game would only maintain it and nothing ensures that you will recover your data once the ransom has been paid.
To do this:
– Do not shut down your computer and disconnect your device from the network in order to prevent the proliferation of the malware,
– File a complaint with the police, the proof of the attack will allow to file a statement with the insurance,
– Delete the «ransomware» by resetting your computer thanks to the installation disc or an USB key on which your operating system as well as your data are backed up.
In order to avoid these misadventures, remember to back up your data regularly on your device as well as on external hard drives.
4. File a complaint!
In France, breaking into a system illegally is punishable by penalties that can be very important.
Indeed, Article 323-1 of the Penal Code stipulates that: « Accessing or remaining fraudulently in all or part of an automated data processing system is punishable by two years’ imprisonment and a fine of €60,000.
When this results in either the deletion or modification of data contained in the system, or an alteration of the operation of this system, the penalty is three years imprisonment and a fine of €100,000.
When the offenses shown in the first two paragraphs have been committed against a system of automated processing of personal data implemented by the State, the penalty is increased to five years of imprisonment and to a 150 000€ fine.»
However, keep in mind that this may take a long time and the more information you will have about the harms suffered, the more the perpetrator will be identifiable.
Here is the list of organizations where you can complain:
This brigade is responsible for the investigation of acts of piracy in Paris and its three neighboring departments (92, 93 and 94).
Contact:
BEFTI
36 rue du Bastion
75017 PARIS
pppj-befti-information@interieur.gouv.fr
This Sub-Department takes over the traditional missions of the Central Office of Combating Crime related to Information and Communication Technologies (OCLCTIC) to which must be added a platform for reporting as well as a technical and judicial guidance.
Offenses dealt with: hacking, fraudulent means of payment, telephony and Internet scams.
Contact:
SDLC/OCLCTIC
101, rue des 3 Fontanots
92 000 Nanterre
Tel: 01 47 44 97 55
Online reporting of illegal content on the Internet
«Info-escroqueries (Info-Scams)» phone platform: 0805 805 817
- Center for combating digital crime (C3N) of the national gendarmerie’s SCRC (Central Criminal Intelligence Service):
A service with national jurisdiction, it brings together all units of the PJGN that directly deal with issues (training, watch and research, investigation, expertise) related to crime and analysis. It also ensures the animation and coordination at the national level of all investigations conducted by the Gendarmerie network of digital investigators.
Jurisdiction: offenses against STAD, people and property.
Contact:
SCRC/C3N
5, Boulevard de l’Hautil – TSA 36810
95037 CERGY PONTOISE CEDEX
email: cyber@gendarmerie.interieur.gouv.fr
The DGSI depends on the Ministry of the Interior. This General Department pursues the protection missions of the Nations’ fundamental interests.
Offenses dealt with: piracy targeting State networks, Restricted Zone settlements and Vital Operators.
Contact:
Tél: 01 77 92 50 00
5. Contact the dedicated cell of «Incident Response» by HTTPCS
The HTTPCS «Incident Response team» responds to urgent needs if you are a victim of hacking. Whether it is an intrusion, a data theft or any other type of attack, our experts are at your service. The goal is to stop the hackers’ actions while fixing the damage caused by the attack.
Our goal is to provide maximum and prolonged security for organizations that are victims of hacking.
Victim of hacking, contact HTTPCS!